From 2b7b3940d432be5af6be87bb8ced05b8a3a0f182 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?=
Date: Wed, 21 Dec 2005 16:04:34 +0000
Subject: [PATCH] (doit): move creation of users ticket file to later to avoid seteuid/setuid dance. this breaks DCE, so remove support for it completely.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16414 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 appl/rsh/rshd.c | 68 ++++++++++++++-----------------------------------
 1 file changed, 19 insertions(+), 49 deletions(-)

diff --git a/appl/rsh/rshd.c b/appl/rsh/rshd.c
index def89bb12..cc2d5c20f 100644
--- a/appl/rsh/rshd.c
+++ b/appl/rsh/rshd.c
@@ -74,13 +74,6 @@ static int do_keepalive = 1;
 static int do_version;
 static int do_help = 0;
-#if defined(KRB5) && defined(DCE)
-int dfsk5ok = 0;
-int dfspag = 0;
-int dfsfwd = 0;
-krb5_ticket *user_ticket;
-#endif
-
 static void syslog_and_die (const char *m, ...) __attribute__ ((format (printf, 1, 2)));
@@ -454,10 +447,6 @@ recv_krb5_auth (int s, u_char *buf,
 }
 }
-#if defined(DCE)
- user_ticket = ticket;
-#endif
-
 return 0;
 }
 #endif /* KRB5 */
@@ -645,15 +634,9 @@ setup_environment (char ***env, const struct passwd *pwd)
 syslog_and_die ("asprintf: out of memory");
 }
 asprintf (&e[i++], "SSH_CLIENT=only_to_make_bash_happy");
-#if defined(DCE)
- if (getenv("KRB5CCNAME"))
- if (asprintf (&e[i++], "KRB5CCNAME=%s", getenv("KRB5CCNAME")) == -1)
- syslog_and_die ("asprintf: out of memory");
-#else
 if (do_unique_tkfile)
 if (asprintf (&e[i++], "KRB5CCNAME=%s", tkfile) == -1)
 syslog_and_die ("asprintf: out of memory");
-#endif
 e[i++] = NULL;
 *env = e;
 }
@@ -782,10 +765,6 @@ doit (void)
 if (client_user == NULL || server_user == NULL || cmd == NULL)
 syslog_and_die("mising client/server/cmd");
-#if defined(DCE) && defined(_AIX)
- esetenv("AUTHSTATE", "DCE", 1);
-#endif
-
 pwd = getpwnam (server_user);
 if (pwd == NULL)
 fatal (s, NULL, "Login incorrect.");
@@ -825,34 +804,6 @@ doit (void)
 #endif
-#ifdef KRB5
- {
- int fd;
-
- if (!do_unique_tkfile)
- snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_%lu",
- (unsigned long)pwd->pw_uid);
- else if (*tkfile=='\0') {
- snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_XXXXXX");
- fd = mkstemp(tkfile+5);
- close(fd);
- unlink(tkfile+5);
- }
-
- if (kerberos_status)
- krb5_start_session();
- }
- chown(tkfile + 5, pwd->pw_uid, -1);
-
-#if defined(DCE)
- if (kerberos_status) {
- esetenv("KRB5CCNAME", tkfile, 1);
- dfspag = krb5_dfs_pag(context, kerberos_status, user_ticket->client, server_user);
- }
-#endif
-
-#endif
-
 #ifdef HAVE_SETLOGIN
 if (setlogin(pwd->pw_name) < 0)
 syslog(LOG_ERR, "setlogin() failed: %m");
@@ -884,6 +835,25 @@ doit (void)
 fatal (s, "dup2", "Cannot dup stderr.");
 }
+#ifdef KRB5
+ {
+ int fd;
+
+ if (!do_unique_tkfile)
+ snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_%lu",
+ (unsigned long)pwd->pw_uid);
+ else if (*tkfile=='\0') {
+ snprintf(tkfile,sizeof(tkfile),"FILE:/tmp/krb5cc_XXXXXX");
+ fd = mkstemp(tkfile+5);
+ close(fd);
+ unlink(tkfile+5);
+ }
+
+ if (kerberos_status)
+ krb5_start_session();
+ }
+#endif
+
 setup_environment (&env, pwd);
 if (do_encrypt) {
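Review bot: The relocated ticket-file block in the last hunk still ignores the result of `mkstemp(tkfile+5)` and then closes and unlinks the file, so a failed call goes on to `close(-1)` and `unlink`, and a successful one releases the unique name again under `/tmp` before anything stores credentials there. A check such as `if (fd < 0) fatal (s, "mkstemp", "Cannot create ticket file.");`, modelled on the `dup2` call in the context just above, would cover the failure case. For the window after `unlink(tkfile+5)`, the hunk does not show what later creates the cache at that path, so it is worth confirming that it creates the file exclusively and does not follow a link placed there in the meantime, or else keeping the file that `mkstemp` created. The old location also ran `chown(tkfile + 5, pwd->pw_uid, -1)`, which is not carried over; that is presumably fine only if this point already runs with the target user's uid, which cannot be confirmed from here. `doit()` begins and ends outside the hunk.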